Comprehensive Risk Management Suite
System FURIA provides sufficient options for efficient risk management in your business environment. Via its uniform platform FURIA enables you to handle risk on direct, undisputed way, without entering the “gray zone of unknown”.
Although it is applicative system, but in the term of the Management Tool, FURIA is not the layer between the Management and the Responsible; FURIA ensure that all relevant parties are tightly connected in the same process of governing and management of the risk.
Since atoms are highly flexible, system provide “missing chain” – one uniform way to access the risk management information of any kind, regardless of its roots: audit reports, regulatory requirements, executive decisions or security issues.
Compliance Management
FURIA ensure ease in compliance management, i.e. monitoring of detected compliance issues and their resolution.
Typically, compliance issues “live its own life”, more or less spread across obligations of multiple or all departments, but usually is concentrated in the function of Compliance Manager. Having difficulties to handle multiple sources, or event not aware of some compliance issues if not directly reported to Compliance Department, efficiency of Compliance Manager is frequently under the question. Until the fine come from the regulatory body; then is usually too late for avoidance.
One of the key functional elements that system provides is document referencing which enables you to make cross-area reports that target e.g. one particular law or standard, or regulatory requirement. Thus, you are able to inspect and closely monitor level of implementation of GAPs identified across different type of internal or external audit reports, compliance surveys, security reports etc. That functionality, in most of the business environments, is hardly achievable, not much reliable, or simply not comprehensive enough to cover whole story.
Heterogeneous Data & Flexible Data Abstraction
As mentioned before, the real strength of FURIA engine is to combine different information sources, non-related processes that handle similar or even the same issues, and deal with multiple formats of input and reporting.
That’s not typical to the standard application systems, at least not typical for the most of them. Due to excellency of its internal design and flexibility of atoms as the prime advantage, FURIA system successfully manage heterogeneous data and retrieve relevant data that will guide you to adequate decisions.
By its internal design, FURIA data abstraction layers allow handling multiple forms of atoms in a way that best suites customer needs. Small digression: this target was the prime cause for longer initial research and development phase, because we searched for the proper environment that can handle level of abstraction we required.
That was the issue what we marked as mandatory in the system development. That was the only way to avoid the problem with any application you ever tried: hard-coded and non-flexible systems force you to follow inherited principles, internal rules of design and, moreover, to change your way of managing and organizing the things just to fit cruel laws of man-made code. Hopefully (or better: thank to our persistence), we succeeded in our mission to achieve the goal. You don’t need to change yourself or your processes. Just jump in the saddle and point your direction!
Issue Prioritization
In the sea of “important issues”, how frequent you face with some “very important” or even “critical” requirements? Too frequent, may we guess. So, how to recognize “important” from “urgent”, “real issues” from “hoaxes”, and then to be sure of the choice? Tough question, indeed.
We designed the system in that way you can compare different types of issues via multiple criteria; the criteria that you set, not some third-party application.
Now you are able to value and combine e.g. high-risk audit findings, anti-fraud control reports, non-compliance with particular regulations and something you are most worried about – your executive decisions. How? By proper grading and prioritization of the issues. It should not be situations when e.g. low-risk audit issues that come with priority level above vital security issues, or some remarks on your processes that “push down” and de-prioritize your direct executive decisions! Now you are able to “see them all”, shoulder to shoulder, to check its nature in details or stay on top of it making sure that you can push the rule of “first things first”.
Reliability of Information
Integrated data protection mechanisms, based on best industry standards, assure confidentiality and integrity of the information
(1) within the application database, and
(2) in the pathway between the client and the application core.
Time-stamps, hash-checks, security triggers and other cool stuff ensure that no changes can pass unnoticed in FURIA. The system of protection is easy configurable and, if you require some specific additional protection, it can be made in a short manner.
Logging system gives you the full information about the identity of users that perform changes, exact time when changes occur, the source of change and the information itself, what actually has been changed.
By its design, logging system is configurable to use its own structures or any modern way of logging, including Windows event logging system, external logging DB and shipping logs to particular SIEM system that you use as centralized log management.
Internal alerts are available but any additional type of alerting can be easily added into the system, making sure that attention on particular event is drawn to admins and other supervisory staff (CISO, CAE, etc.).
Security and Encryption
Application internal design highly depends on security core functionalities, such as adequate user identification, straight-forward rules of access, inheritance of access levels, delegation of access, but first of all – strong security encapsulation.
To achieve our goal in security terms, current best industry practices are consulted (and followed), as well as the recommendations from core platform vendors. We don’t stop there. Since security questions rise on the daily level, we assure that industry changes are properly assessed and recommendations timely implemented.
FURIA provides essential critical controls in user management such as storing user credentials in non-reversible form, encryption of sensitive information, flexible password policies that can be customized per requirement, automated alerting on changes and unsuccessful attempts of changes, and much more.
When it comes to implementation of your particular Information Security Policy, due to excellent selection of core platform and the way we develop the system, we can be sure that, whatever your additional requirements can be, they are possible to implement as additional layer to existing security logic. Particular details are available in product white papers, but not bother too much – if you decide to implement retina scan or fingerprint authentication, the system can be altered to support it.
Uniform Collaboration Suite
Multiple heterogeneous application systems suffer typically from one common issue: differences between user experience and the application interface. Why this is important? When you deal with the variety of types of “issues”, you follow the logic that application force you to follow, and then you face that some things are easy to do in some systems while they are very difficult or not implemented at all in other systems.
Sometimes user experience can be so frustrating that force you to think on the two things – can I do it and how to do it, instead of thinking how something can be used on the best way, how it can be managed and finally used to improve or predict things coming.
System FURIA deals with different types of atoms on the very same, common way, so you expect the same output regardless of the source or no matter what is the substance of the issue, the atom. The things you can do with the Audit Finding atom you can for sure expect on Security Issues, Compliance remarks and Executive decisions. The way how you will use and manipulate the information is up to you, as long as you have decent idea of the desired output.
Common user interface and common controls define unique experience which is applied all across the system. Wherever you are, whatever you do, you can expect predictable output as a result of course of your actions taken. That enables users to quickly get familiar with the system, with the controls and force them to think about the information they produce more than ever before. Users then start thinking about productivity, efficiency, uniform approach to heterogeneous information for the one cause – get better output with each new iteration.
Common environment makes users “feel like home” instead of hostile, less friendly or non-intuitive user interface with multiple applications from different vendors.
Gap Management
When we talk about e.g. audit findings, we see some issues, responsibilities, deadlines and corrective measures to be taken. When we approach Compliance matters, we see them too but sometimes not so clear like with audits, but obviously they are presented in some abstract or more concrete form of the report. If we talk about security reports, we can clearly see the issues that affect our security environment.
What is the common thing among them? They are some different forms of GAPs, handled more or less similar way, or at least we would like to be likewise.
System FURIA gives you proper, reliable and transparent tools to deal with these different GAPs, preserving the security boundaries and attacking the main thing, the GAPs and corrective measures. Using cross-reporting among different types of atoms you are able to gather both new and historical information about all issues on your target you examine, giving you quickly list of GAPs that share common target.
This allows you to have ad-hoc reporting that spread across the multiple Hierarchies, multiple organizational units (or different companies in the Group) on single point of interest, making the GAP analysis based on existing, known stuff, pending for corrections.
Sometimes GAP overall analysis can be very complicated, having GAPs depending one from another, and if connected they can escalate some important parts of the business problems that require additional attention. There comes FURIA as the efficient tool to quickly update on current and past state of individual GAPs.
Now, with comprehensive set of reports, you can quickly follow the GAP suppression on periodical, even daily or hourly level. Need to prepare known GAPs related to user password management, open and closed issues in the Audit, the Security and the Standards implementation for the meeting in one hour? Not a problem, use the drill-down possibilities and generate reliable reports.
Efficiency Management
In the world of controls, and the world of lack of the controls, there is one thing always taking Management attention: efficiency.
How quickly issues are solved? What departments are “too slow” or “late” to fulfill agreed actions? Are there some among us who do not perform as expected, do not fulfill their obligations to accepted audit issues? How much time and resources (yes, money) we can expect to be spent having in mind breaches and disrespect of the deadlines? Are there some indications or announcements that non-compliance with some particular law will continue even after the deadline given by the regulator? How much issues are still open with exceeded deadline and how much of them still have time to be finished, per department, or per sector with all of its departments included in the stats?
System FURIA grants you all necessary tools for efficiency metering and monitoring. By involving parties (responsible authorities) in the regular notifications, providing comments and status changes, the Management have direct input about critical, important or some specific issues of their interest.
Unlimited Reporting Possibilities
System involve two levels of reporting, one within the application shell and another “outside” of the application forms, using proven Microsoft technologies (MSSQL, SSRS, SSIS, SSAS) combined with simple interface that majority of users are using in everyday operations – Excel and Reporting Services.
Using FURIA CUBEs and Excel, reporting system get outside of predefined reports and standard application reporting boundaries. Users are provided with the opportunity to design their own reports in a matter of minutes, with minimal basic knowledge of Excel. All the information stored and processed in FURIA database is processed in CUBEs and carefully selected dimensions and measures define the productivity tools which users use in Excel to get turnover of any information.
Theoretically speaking, there are no limits to the reporting engine, as long as you know what you are looking for.
Using predefined style-sheets reports provide standardized visual experience of reports common in your company. The same fonts and color sets, same indentation and spacing, uniform look of the tables and fields, predefined or customized in advance sets of graphic representation tools, and even combining selected Google graphs or other customized controls.
Notifications, Subscriptions and Alerting
Changes, particularly important ones, are followed by informational notices and approval queries, and alerts (when applicable). However, it is configurable so you can exclude email notifications if you don’t want them to receive in your email inbox.
Sometimes is very productive to let users to “play with data” in Excel, so instead of thinking how to do some report they are focused on the final output, what they expect to see at the end of their “play”. Once when this “playing” get results, the fixed reports can be easily made as permanent, and then users can subscribe to these reports, instead of running them on daily or monthly periods.
Integration with Existing Environment
When it comes to integration with other systems, majority of large-scale expensive tools claim that integration is enabled upon the user requests and with limited application modifications.
Of course, at the point of negotiation of terms for additional interfaces (prices, complexity, milestones) there are risks related to the facts that software manufacturer will not be able (or willing) to create any kind of interface that you need which leaves you on the “dry land”, or terms of additional work are unacceptable or not reasonable comparing with the real required efforts.
With FURIA additional interfaces are handled in a more efficient way.
If there is a request for interface that explore and use FURIA database, it can be done with minimal efforts, either via efficient reporting or via small-size programming efforts (e.g. stored procedures, custom views, etc.). If customer have request for interface that use external data to use in FURIA database as an data input, the business case is formed. Then security and integrity issues are first resolved, after which data flows are organized via standard MSSQL procedures or Microsoft BI productivity tools, e.g. SSIS.
However, costs for additional interfaces can vary depending on complexity of the task and engaged resources, but always having in mind whether this new functionality is suitable for our other clients and if implemented knowledge can be efficiently reused, or it is very specific to the particular customer only.
There should not be surprised clients which receive symbolic 1,00 EUR invoice or similar price when the request reach the point of so-called “greater good“, rapidly improving the whole system for all the customers.
Affordable & Cost-Efficient
What makes significant difference between FURIA system and other commercial or open-source issue management tool is full control of the software TCO.
FURIA licensing is based on software rental, not on the purchase of the application. You simply cannot “buy” the FURIA application, nor you can buy the source code. However, the special arrangements can be done for the companies which policy requires existence of availability of source code for the sake of the Business Continuity or regulatory compliance.
Customers are not “forced” to buy the functionalities that will never be used or the type of support that they do not require on regular basis. Although the system allows you to have theoretically unlimited number of users, hierarchies, atom types and reports, what you will use is what makes your TCO. That way you ensure best cost-effective ratio of the software use.
Just as an illustration, the licensing policy enables you to spare 1/12 of the annual price just if you predict that minimal system functionality is required during one summer month when the most of the staff is on holidays.
Licensing if based on the formal contract with customer typically annual, but not less than 3 months in a row. The actual payments of the software rental are also matter of your choice. Whether it is monthly, quarterly or annual payments – it’s just the matter what best suites your budget optimization.
Support levels are matter of your actual requirements vs. TCO that you are targeting. Regardless of the platform selection, cloud-based on in-house, you can choose 8×5, 12×6 or higher level of support, you can select desired response time and recovery interval. Support if ensured via online channels or as an on-site support. Currently, for the most demanding customers we are offering direct on-site support in Balkans area. However, we are not limiting you on that – there are on-site support options that can be negotiated for the customers anywhere in the world.
Also, there are available options to assure guaranteed quantity of man-days for the development of functionalities that you require for your own target.
Flexible licensing policy and fully customized levels of the support makes you the absolute ruler of your costs.